Login | Register
My pages Projects Community openCollabNet

Discussions > dev > SQL issue for 1.5.5

Project highlights: Stable Version: 1.6.1, Development Version: 1.7.6

current
Discussion topic

2020-04-07: This site is going to be decommissioned and shut down on 2020-07-01. Please copy and archive any data you wish to keep before that date.

Hide all messages in topic

All messages in topic

SQL issue for 1.5.5

Reply

Author jwbernin
Full name John Berninger
Date 2003-06-07 17:34:09 PDT
Message Folks -

        One of our testers has found a fairly serious bug in 1.5.5rc1
which actually appears to be a problem with the PyPgsql DB-API module;
it doesn't appear to quote strings correctly. The behavior is noticed
when an RPM contains a file with either a single quote ("'") or a
backslash ("\") in it's name, both of which are valid filename
characters according to POSIX.

        I've added a patch to CVS HEAD to fix this problem by doing the
necessary quoting myself using the string.replace() function. As was
pointed out, this is more of a workaround than an actual solution.

        I'd like some feedback from this list on whether we should
continue to use PyPgsql and accept the "workaround" as a "solution", or
whether the project should switch to Psycopg which according to Hunter's
tests seems to do the necessary string quoting correctly.

        The details of the problem, as I see it, are in an ambiguity in
the Python DB-API, which I won't go into here, but I can in another
email if anyone's interested.

        So, what say you?

--
John Berninger

GPG Key ID: A8C1D45C
        Fingerprint: B1BB 90CB 5314 3113 CF22 66AE 822D 42A8 A8C1 D45C

Sit vis nobiscum.
--

--------------------​--------------------​--------------------​---------
To unsubscribe, e-mail: dev-unsubscribe@curr​ent.tigris.org
For additional commands, e-mail: dev-help at current dot tigris dot org
Messages per page: